Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Implemented
-
1.1.0
-
None
-
None
-
None
Description
Server Side Encryption (sse) currently exists in the PutS3Object processor but don’t see sse-c, sse-c-key or sse-kms-key-id options.
--sse (string) Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms. If the parameter is specified but no value is provided, AES256 is used.
--sse-c (string) Specifies server-side encryption using customer provided keys of the the object in S3. AES256 is the only valid value. If the parameter is specified but no value is provided, AES256 is used. If you provide this value, --sse-c-key must be specified as well.
--sse-c-key (string) The customer-provided encryption key to use to server-side encrypt the object in S3. If you provide this value, --sse-c must be specified as well. The key provided should not be base64 encoded.
--sse-kms-key-id (string) The AWS KMS key ID that should be used to server-side encrypt the object in S3. Note that you should only provide this parameter if KMS key ID is different the default S3 master KMS key.
Would like to see full support of the various server side encryption capabilities added to our S3 processors.
This is related partially to another Apache Jira: NIFI-1769